Re: ossec hit: Hidden process (rootkit)

2014-09-22 Thread Brandon Vincent
On Mon, Sep 22, 2014 at 2:10 AM, List Monkey wrote:
> Any other thoughts?

If you run ossec-rootcheck manually do you still get an alert?

Brandon Vincent
___
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-sec

Re: ossec hit: Hidden process (rootkit)

2014-09-22 Thread Dimitry Andric
On 22 Sep 2014, at 11:10, List Monkey wrote:
> I'm running FreeBSD as a VM. I recently got a hit from the ossec agent:
>
> OSSEC HIDS Notification.
> 2014 Aug 28 03:01:34
>
> Received From: (host) xxx.xxx.xxx.xxx->rootcheck
> Rule: 510 fired (level 7) -> "Host-based anomaly detection event (roo

ossec hit: Hidden process (rootkit)

2014-09-22 Thread List Monkey
I'm running FreeBSD as a VM. I recently got a hit from the ossec agent:

OSSEC HIDS Notification.
2014 Aug 28 03:01:34

Received From: (host) xxx.xxx.xxx.xxx->rootcheck
Rule: 510 fired (level 7) -> "Host-based anomaly detection event (rootcheck)."
Portion of the log(s):

Process '9990' hidden from